CVE-2024-51768

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hewlett Packard Enterprise AutoPass License Server versions prior to 9.17

Description An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS). The vulnerability is due to insufficient input validation. Exploitation may allow a remote attacker to execute arbitrary code.

Recommendations Update Hewlett Packard Enterprise AutoPass License Server to version 9.17 or later.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

BDU:2024-10804

CVE-2024-51768

ZDI-24-1632

Affected Products

Hpe Autopass License Server

CVE-2024-51768

Weakness Enumeration

Related Identifiers

Affected Products

References · 14